<?php
require_once "conexao/ConexaoControle.php";

class Principal
{
	private $arrMensagem;

	function __construct()
	{
		ConexaoControle::iniciaConexao();
		$this->arrMensagem = $_POST;
		$this->arrMensagem = $_REQUEST;//COMENTAR ISSO DEPOIS DOS TESTES!!!
		$this->controlador();
	}
	
	private function controlador()
	{
		if (isset($this->arrMensagem['strAcao']) === true && $this->arrMensagem['strAcao'] === "retornaEstado") {
			$this->retornaEstado();
		}
	}
	
	private function retornaEstado()
	{
		$strQuery = "SELECT * FROM transform";
		$arrResultado = ConexaoControle::query($strQuery);
		
		if($arrResultado && mysqli_num_rows($arrResultado)>0) {
			$row = mysqli_fetch_assoc($arrResultado);
			var_dump($row);
			exit;
			exit;
			$row["flt_position_x"] = (float)$row["flt_position_x"];
			echo json_encode($row);
		} else die ("ERROR: VK: No user with such id;");
		exit;
	}
}

$objPrincipal = new Principal();

/*
$strSql = "Insert into teste value(".$arrParametro['intContador'].")";
$result = mysqli_query($conn, $strSql) or die ("<br>SQL: ".$strSql."<br>Error: ".mysqli_error($conn)."<br>SQL: ".$strSql);
echo "Inserido: ".$arrParametro['intContador'];
*/

/*
if (!isset($_POST['myform_nick']) || !isset($_POST['myform_pass'])) die ("ERROR: FlashVars are absent;");
$viewer_id = clrstr($_POST['myform_nick']);
$password = clrstr($_POST['myform_pass']);

//You should check is the access allowed.
$query = "SELECT * FROM `scores` WHERE `name`='".$viewer_id."' LIMIT 1;";
$result = mysqli_query($conn, $query) or die ("<br>SQL: ".$sql."<br>Error: ".mysqli_error($conn)."<br>SQL: ".$sql);

if($result && mysqli_num_rows($result)>0) {
    $row = mysqli_fetch_assoc($result);
    echo json_encode($row);
} else die ("ERROR: VK: No user with such id;");
 
function clrstr($s) {
    global $conn;
    return mysqli_real_escape_string($conn, trim($s));
}
*/

/*
// =============================================================================
// PROTECT AGAINST SQL INJECTION and CONVERT PASSWORD INTO MD5 formats
function anti_injection_login_senha($sql, $formUse = true)
{
$sql = preg_replace("/(from|select|insert|delete|where|drop table|show tables|,|'|#|\*|--|\\\\)/i","",$sql);
$sql = trim($sql);
$sql = strip_tags($sql);
if(!$formUse || !get_magic_quotes_gpc())
  $sql = addslashes($sql);
  $sql = md5(trim($sql));
return $sql;
}
// THIS ONE IS JUST FOR THE NICKNAME PROTECTION AGAINST SQL INJECTION
function anti_injection_login($sql, $formUse = true)
{
$sql = preg_replace("/(from|select|insert|delete|where|drop table|show tables|,|'|#|\*|--|\\\\)/i","",$sql);
$sql = trim($sql);
$sql = strip_tags($sql);
if(!$formUse || !get_magic_quotes_gpc())
  $sql = addslashes($sql);
return $sql;
}
// =============================================================================
$unityHash = anti_injection_login($_POST["myform_hash"]);
$phpHash = "hashcode"; // same code in here as in your Unity game
 
$nick = anti_injection_login($_POST["myform_nick"]); //I use that function to protect against SQL injection
$pass = anti_injection_login_senha($_POST["myform_pass"]);
/*
you can also use this:
$nick = $_POST["myform_nick"];
$pass = $_POST["myform_pass"];
*/
/*
if(!$nick || !$pass) {
	echo "Login or password cant be empty.";
} else {
	if ($unityHash != $phpHash){
		echo "HASH code is diferent from your game, you infidel.";
	} else {
		$SQL = "SELECT * FROM scores WHERE name = '" . $nick . "'";
		$result_id = @mysql_query($SQL) or die("DATABASE ERROR!");
		$total = mysql_num_rows($result_id);
		if($total) {
			$datas = @mysql_fetch_array($result_id);
			if(!strcmp($pass, $datas["password"])) {
				echo "LOGADO - PASSWORD CORRECT";
			} else {
				echo "Nick or password is wrong.";
			}
		} else {
			echo "Data invalid - cant find name.";
		}
	}
}
// Close mySQL Connection
mysql_close();
*/
?>